Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

New Page Turns in Veterans Data Loss

WEBINAR:On-Demand

A VA contractor has discovered that a computer containing information on as many as 38,000 veterans is missing, officials at the Department of Veterans Affairs announced on Aug. 7. In addition, law enforcement officials announced that two men suspected of stealing a VA laptop had been formally charged on Aug. 5 with those thefts.

The contractor, Unisys, will provide credit monitoring services to all veterans who were potentially affected by the data breach, according to Ted Davies, managing partner of Civilian Agencies for Unisys Federal Systems, in Reston, Va. He said that while Unisys had not signed a contract, the company was "on the verge" of doing so. He also said that the VA will inform all potentially affected veterans of this service.

Matthew Burns, spokesperson for the department, in Washington, said Unisys told the VA on Aug. 3 that the computer was missing from its Reston offices.

VA officials receiving the report immediately relayed it to the secretary of Veterans Affairs, R. James Nicholson, as well as to the agencys inspector general, congressional leaders, the FBI and the Department of Homeland Securitys Computer Emergency Response Team.

Further reading

"VAs inspector general, the FBI and local law enforcement are conducting a thorough investigation of this matter," Nicholson said in a prepared statement.

Burns said that the information on the missing computer included veterans names, addresses, Social Security numbers and birth dates, as well as insurance carriers, billing information and details of military service.

Meanwhile, a pair of Maryland men have been charged with taking the laptop that contained the personal information of 26.5 million veterans and active duty military personnel, authorities said. The men, Jesus Alex Pineda and Christian Brian Montano, are both 19 and are both of Rockville, Md..

The men have been charged with stealing the laptop from the Aspen Hill, Md., home of Department of Veterans Affairs analyst Wayne Johnson on May 3. The charges against them include first-degree burglary and theft of more than $500. Montano was also charged with conspiracy. Police said that they will also charge a minor in the case but did not release his name because of his age. That person is already incarcerated. A trial date has not been set.

It did not appear that the men were after the information stored on the computer and external hard drive, the Montgomery County Police Department said in a statement.

In describing the Unisys data loss, Burns said the information came from about 5,000 patients at the Philadelphia VA Medical Center, from about 11,000 patients in Pittsburgh and from about 2,000 deceased patients. In addition, the VA said it believes that about 20,000 more who received care at the Pittsburgh Medical Center could be included.

"VA is making progress to reform its information technology and cyber-security procedures, but this report of a missing computer at a subcontractors secure building underscores the complexity of the work ahead as we establish VA as a leader in data and information security," Nicholson said in his statement.

"Unisys will be working with VA regarding the notification of potentially affected veterans and the offering of credit monitoring, said Unisys spokesperson Lisa Meyer in a prepared statement.

Davies said he hopes the situation is resolved quickly. "The sphere of where it might be is very small," Davies told eWeek.

He said that Unisys, along with the VA, the FBI and Homeland Security, are sifting through evidence to find the missing computer.

Davies said that the contract requirements mandated that the computer have a password for the computer itself and a separate password for the database that contained the missing names. Davies also noted that Unisys met all applicable HIPAA (Health Insurance Portability and Accountability Act) requirements. "The building is a fairly secure facility," Davies said.

"Were using all available data about the time and from where it disappeared. There was a lot of good information we could gather," Davies said. While he noted that he cant speculate when the case might be solved, he said he hopes its soon. "This is a high priority for our organization," he said.

Security consultant David Taylor, of Stamford, Conn., said Unisys is doing the right thing. "Heres a case where a well-respected organization with proper security got hit," he said. "Imagine what its like for organizations that dont have security in place. If Unisys wasnt so diligent, it wouldnt have been reported."

Data (in)security at the VA

While the Department of Veterans Affairs hasnt had a monopoly on recent data breaches, its certainly been the subject of an uncomfortable percentage of headlines. Heres a timeline that charts the agencys data security woes:

March 16, 2006

VA receives failing grade on 2005 FISMA data security report card

May 3, 2006

VA laptop containing information on 26.5 million veterans is stolen from the home of VA analyst Wayne Johnson in Aspen Hill, Md.

June 22, 2006

VA admits to theft of laptop containing information on 26.5 million veterans

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.